A computer virus is a self-replicating program designed to spread without user intervention or knowledge. Computer viruses are spread by attaching themselves to another program, such as a macro attached to e-mail. A worm is a type of computer virus that can transmit itself to a second computer over a network. The increased access to e-mail at the workplace has allowed viruses and worms to spread at a much faster rate. The number of viruses “in the wild,” or present in more than one company or organization, have increased dramatically since widespread Internet access has become available.
Most companies allow Internet access by creating a local area network (LAN). Access to the LAN by the Internet is protected by a “firewall”. Such a network allows programs on one computer to be accessed by all the computers on the LAN. Unfortunately, this access means that once a virus infects one computer, all the other computers in a LAN may soon be infected as well.
The standard protection against virus is an anti-virus software application that analyzes software applications and isolates any latent viruses. This anti-virus software has a set of virus characteristics that the software searches for in the computer. Each time a new virus is created or evolved, a new anti-virus characteristic must be updated to the computer in order for the anti-virus software to detect the virus.
There are two methods that are used prominently for administering anti-virus software. One method is to install anti-virus software directly into the firewall. The firewall attempts to scan for viruses on the fly while the client computer is receiving the data and then aborts the transfer if a virus is detected. This method has several disadvantages. Having a single point for scanning data creates a bottleneck and slows down the system performance. Additionally, this method only prevents viruses from entering from the Internet and fails to provide protection from viruses distributed locally either through the LAN from one computer to the other or through external media, such as floppy disks.
The second method is to install an anti-virus client on each individual computer and manage them separately. This protection also has several disadvantages. This method fails to guarantee all the computers on the LAN have the software installed and properly configured, that the virus scanning engine and data files are up-to-date, and that the individual computer user did not disable the anti-virus software.
What is needed is a method of administering anti-virus applications so that a LAN is protected from both Internet infections and internal infections (from other computers in the LAN) as well. What is further needed is a method of administering anti-virus applications so that scanning engine and data files may be made up-to-date on each computer on the LAN.